Wireshark
Wireshark
3.2.5

5.0

Wireshark free download for Mac

Wireshark3.2.5

03 July 2020

Network protocol analyzer.

Overview

Wireshark is one of the world's foremost network protocol analyzers, and is the standard in many parts of the industry. It is the continuation of a project that started in 1998. Hundreds of developers around the world have contributed to it, and it it still under active development.

Wireshark has a rich feature set which includes the following:

  • Standard three-pane packet browser
  • Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
  • Multi-interface: Along with a standard GUI, Wireshark includes TShark, a text-mode analyzer which is useful for remote capture, analysis, and scripting
  • The most powerful display filters in the industry
  • VoIP analysis
  • Live capture and offline analysis are supported
  • Read/write many different capture file formats: tcpdump (libpcap), NAI's Sniffer (compressed and uncompressed), Sniffer Pro, NetXray, Sun snoop and atmsnoop, Shomiti/Finisar Surveyor, AIX's iptrace, Microsoft's Network Monitor, Novell's LANalyzer, RADCOM's WAN/LAN Analyzer, HP-UX nettl, i4btrace from the ISDN4BSD project, Cisco Secure IDS iplog, the pppd log (pppdump-format), the AG Group's/WildPacket's EtherPeek/TokenPeek/AiroPeek, Visual Networks' Visual UpTime and many others
  • Capture files compressed with gzip can be decompressed on the fly
  • Hundreds of protocols are supported, with more being added all the time
  • Coloring rules can be applied to the packet list, which eases analysis

What's new in Wireshark

Version 3.2.5:
The following vulnerabilities have been fixed:
  • wnpa-sec-2020-09 GVCP dissector infinite loop
The following bugs have been fixed:
  • Add decryption support for QUIC IETF version 0xfaceb001 and 0xfaceb002
  • The "relative sequence number" is same as "raw sequence number" when tcp.analyze_sequence_numbers:FALSE
  • Importing profiles from a different Windows PC fails
  • Decode as not working correctly with multiple user profiles
  • Wireshark can misdissect the HE Radiotap field if it’s ever dissected one with any value unknown
  • Buildbot crash output: fuzz-2020-06-19-5981.pcap
  • Buildbot crash output: fuzz-2020-06-20-7665.pcap
  • mergecap man page contains invalid formatting

Join over 500,000 subscribers.

Subscribe for our newsletter with best Mac offers from MacUpdate.

How would you rate Wireshark app?

23 Reviews of Wireshark

Macinman
28 July 2019
Version: 3.1.0

Most helpful

Hey guys, was curious if there is anyone here that uses Homebrew, I had upgraded to Wireshark 3.1.0 via the cask command in brew, then they released an update that put it back to version 3.0.3, which I had initially. I was just curious why? Thanks
(2)
Macinman
28 July 2019
Version: 3.1.0
Hey guys, was curious if there is anyone here that uses Homebrew, I had upgraded to Wireshark 3.1.0 via the cask command in brew, then they released an update that put it back to version 3.0.3, which I had initially. I was just curious why? Thanks
(2)
5
Jullrich
25 July 2018
Version: 2.6.2
greatest packet analysis tool ever
(2)
Virtualruffy
21 July 2017
Version: 2.4.0
Link is wrong, goes to old version. correct 2.4 version https://2.na.dl.wireshark.org/osx/Wireshark%202.4.0%20Intel%2064.dmg
(0)
iGaucho
21 November 2015
Version: 2.0.0
Finally it has a native UI and doesn't require X11/XQuartz!
(1)
hwgray
29 October 2015
Version: 1.12.8
Wireshark.org suggests that users of OS X try v2.0.0rc1, first. If it doesn't work for you, then try this version.
(0)
WordWeaver
17 March 2015
Version: 1.12.4
This may possibly be of help to other new WireShark users who are having trouble getting WireShark to launch in Yosemite. Some of this has been shared before, but there is a little added twist at the end which worked for me. I made repeated attempts to use both WireShark 1.12.4 and 1.99.3, but without success. Regardless of which version I used, WireShark keep freezing up during the initialization process. In the initialization window, WireShark would get as far as "Loading module preferences", or about three quarters of the way done, and in the bottom of the window it would say "Please wait while Wireshark is initializing..."; and then freeze-up. So I conducted some quick research on the web and discovered that I had to enter "sudo ln -s /opt/X11 /usr/X11" in the Terminal in order to restore a link an X11 link that Yosemite breaks. However, even that did not help. Next, I reinstalled XQuartz 2.7.7. Again, that didn't help either. Then I came across an online comment where someone stated that they typed "sudo wireshark" in the Terminal. Guess what? I don't know why, but it worked. The Terminal spit out the following, and then WireShark launched on my desktop: void QCocoaMenu::insertNative(QCocoaMenuItem *, QCocoaMenuItem *) Menu item is already in a menu, remove it from the other menu first before inserting void QCocoaMenu::insertNative(QCocoaMenuItem *, QCocoaMenuItem *) Menu item is already in a menu, remove it from the other menu first before inserting void QCocoaMenu::insertNative(QCocoaMenuItem *, QCocoaMenuItem *) Menu item is already in a menu, remove it from the other menu first before inserting void QCocoaMenu::insertNative(QCocoaMenuItem *, QCocoaMenuItem *) Menu item is already in a menu, remove it from the other menu first before inserting 22:01:58 Dbg plugin_dir: /Applications/Wireshark.app/Contents/PlugIns/wireshark Now I can click WireShark's icon in the Dock, and it appears to be working fine.
(1)
Chocky
14 February 2015
Version: 1.12.3
Wireshark on Yosemite To get Wireshark working on Yosemite you will need to install X11 which may be found at: http://xquartz.macosforge.org/landing/ and then make the following link: $ sudo ln -s /opt/X11 /usr/X11
(0)
5
Jpinoniemi
08 January 2015
Version: 1.12.1
Wireshark 1.12.3 was released on 1-7-15
(0)
4
Holgorio
17 September 2014
Version: 1.12.0
Wireshark 1.12.1 is available fixing several security issues with DoS vulnerabilities in some of their parsers or dissectors. Enjoy.
(0)
David-Morrison
01 April 2013
Version: 1.8.6
Just for the record, when you start WireShark (1.9.2) in Mountain Lion, it offers to install an X11 system. If you say yes, it takes you to an Apple Support page which contains a link to the XQuartz project. You have to download and install it. Note that it gets installed in the Utilities folder inside the Applications folder. When you start WireShark, it asks you to find X11. Navigate to Utilities folder and select XQuartz. WireShark now freezes for a couple of minutes while it builds font caches - DON'T PANIC! Then the window appears.
(6)
Nicolasd
17 June 2012
Version: 1.6.7
Beware. Apple is REMOVING X11 in Mac OS X 10.8 Mountain Lion. Not an optional install. It's *GONE*! In a few months, Wireshark will be unusable on up-to-date Macs.
(0)
Show comments (5)
Pzs
31 May 2012
Version: 1.6.7
I just downloaded it for a networking class. On their site the version is 1.6.8, here it's 1.6.7. Please update as I depend on Macupdate for the most recent versions. Thanks
(0)
0.5
Anon42
29 March 2012
Version: 1.6.6
No longer supports 10.6.5 :-(
(1)
4.5
frequencydip
05 November 2011
Version: 1.6.3
This program has been very useful in troubleshooting tracking and analytics. Using the GA debugger only helps for chrome, using this we can see the call any browser makes or even a connected iPad or iPhone!
(0)
4.5
JohnKHeath
22 October 2011
Version: 1.6.2
After trying for a hundred times, I still have problems installing this program. Any workaround for Lion, or is it not supported?
(0)
Show comments (2)
4
JohnKHeath
05 October 2011
Version: 1.6.2
I used to run WireShark in windows, now this version has even better functionalities in Mac. Works great, I like it.
(1)
4.5
angelowales79
30 September 2011
Version: 1.6.2
Gotta love wireshark
(0)
5
lcj005
08 June 2011
Version: 1.6.0rc2
Great tool for snooping ethernet traffic. Windows 64bit variant is a bit cumbersome on 2008 server with IPv6, but on the whole a great improvement.
(1)
SickTeddyBear
30 March 2011
Version: 1.5.0
Note that, 1.5.0 is a development/beta release. The current stable release is 1.4.4. Check the developer's web site for more info.
(0)
Show comment (1)
Chap-Harrison
13 February 2010
Version: 1.2.6
Starts up but can't find any interfaces. Not surprised since it's never tried to authenticate. I then ran Command Line tool 'sudo wireshark' which worked but gave me glaring warning about running as root. So what do people do to run wireshark on mac os x?
(0)
Show comment (1)
Mutant
12 February 2010
Version: 1.2.5
As of 2010/02/12 the MU download link is broken. Current download is: http://www.wireshark.org/download.html
(0)
Trashie
17 September 2009
Version: 1.2.2
X11 thing is a bit of a pain for OSX as X11 never works as nice on OSX as Linux. Can't tunnel some X11 stuff on OSX at all. Of course X11 has it's benefits even on OSX and I can see why they keep it this way. This is more for people trying to check network security and administrate networks than anything else so I can't see it being that popular mainstream anyway X11 or not. Most of us who use it know about X11 and Linux/Unix anyway and probably should/do have it on a Linux box anyway but we love OSX so we try to put it here too. The lack of comments for this tells you mostly it is run on Linux and Win not OSX. I can't find an app as good native to OSX but maybe there is one? But it is a wonderful project and application that really helps secure/admin networks.
(0)
4
Alcimedes
17 May 2007
Version: 0.1
I downloaded WireShark today and must say that after the initial run through I'm very impressed. Obviously a Win/Unix port based on appearance, but it can do what I've had a hard time finding any other free Mac app. capable of doing. It's keeps detailed logs of all network traffic and displays them in a handy GUI interface. If anyone is interested in where their traffic is going you should give this app. a shot. I only took off points because the appearance is obviously not Mac standard which some people won't like, and quitting the app. required a force quit. Considering what it brings to the table they are minor complaints though.
(1)
Show comment (1)